Modular Data Structure Verification
EECS Department, Massachusetts Institute of Technology, 2007
Cited by 36 (21 self)
Abstract
This dissertation describes an approach for automatically verifying data structures, focusing on techniques for automatically proving formulas that arise in such verification. I have implemented this approach with my colleagues in a verification system called Jahob. Jahob verifies properties of Java programs with dynamically allocated data structures. Developers write Jahob specifications in classical higher-order logic (HOL); Jahob reduces the verification problem to deciding the validity of HOL formulas. I present a new method for proving HOL formulas by combining automated reasoning techniques. My method consists of 1) splitting formulas into individual HOL conjuncts, 2) soundly approximating each HOL conjunct with a formula in a more tractable fragment, and 3) proving the resulting approximation using a decision procedure or a theorem prover. I present three concrete logics; for each logic I show how to use it to approximate HOL formulas, and how to decide the validity of formulas in this logic. First, I present an approximation of HOL based on a translation to first-order logic, which enables the use of existing resolution-based theorem provers. Second, I present an approximation of HOL based on field constraint analysis, a new technique that enables
Verifying a file system implementation
In Sixth International Conference on Formal Engineering Methods (ICFEM'04), volume 3308 of LNCS, 2004
An integrated proof language for imperative programs
In PLDI'09
Cited by 18 (3 self)
Abstract
We present an integrated proof language for guiding the actions of multiple reasoning systems as they work together to prove complex correctness properties of imperative programs. The language operates in the context of a program verification system that uses multiple reasoning systems to discharge generated proof obligations. It is designed to 1) enable developers to resolve key choice points in complex program correctness proofs, thereby enabling automated reasoning systems to successfully prove the desired correctness properties; 2) allow developers to identify key lemmas for the reasoning systems to prove, thereby guiding the reasoning systems to find an effective proof decomposition; 3) enable multiple reasoning systems to work together productively to prove a single correctness property by providing a mechanism that developers can use to divide the property into lemmas, each of which is suitable for
A Language for Generic Programming
2005
Cited by 14 (3 self)
Abstract
First and foremost I thank my parents for all their love and for teaching me to enjoy learning. I especially thank my wife Katie for her support and understanding through this long and sometimes stressful process. I also thank Katie for insisting on good error messages for G! My advisor, Andrew Lumsdaine, deserves many thanks for his support and guidance and for keeping the faith as I undertook this long journey away from scientific computing and into the field of programming languages. I thank my thesis committee: R. Kent Dybvig, Daniel P. Friedman, Steven D. Johnson, and Amr Sabry for their advice and encouragement. A special thanks goes to Ronald Garcia, Christopher Mueller, and Douglas Gregor for carefully editing and catching the many many times when I accidentally skipped over the important stuff. Thanks to Jaakko and Jeremiah for hours of stimulating discussions and arguments concerning separate compilation and concept-based overloading. Thanks to David Abrahams for countless hours spent debating the merits of one design over another while jogging through the hinterlands of Norway. Thanks to Alexander Stepanov and David Musser for getting all this started, and thank you for the encouragement over the years. Thanks to Matthew Austern, his book Generic Programming in the STL was both an inspiration
Deductive Runtime Certification
In Proceedings of the 2004 Workshop on Runtime Verification, 2004
Cited by 11 (8 self)
Abstract
This paper introduces a notion of certified computation whereby an algorithm not only produces a result r for a given input x, but also proves that r is a correct result for x. This can greatly enhance the credibility of the result: if we trust the axioms and inference rules that are used in the proof, then we can be assured that r is correct. Typically, the reasoning used in a certified computation is much simpler than the computation itself. We present and analyze two examples of certifying algorithms. We have developed...
Reasoning about static and dynamic properties in Alloy: A purely relational approach
ACM Transactions on Software Engineering and Methodology (TOSEM), 2005
Cited by 9 (4 self)
Abstract
We study a number of restrictions associated with the first-order relational specification language Alloy. The main shortcomings we address are: — the lack of a complete calculus for deduction in Alloy's underlying formalism, the so-called relational logic, — the inappropriateness of the Alloy language for describing (and analyzing) properties regarding execution traces. The first of these points was not regarded as an important issue during the genesis of Alloy, and therefore has not been taken into account in the design of the relational logic. The second point is a consequence of the static nature of Alloy specifications, and has been partly solved by the developers of Alloy; however, their proposed solution requires a complicated and unstructured characterization of executions. We propose to overcome the first problem by translating relational logic to the equational calculus of fork algebras. Fork algebras provide a purely relational formalism close to Alloy, which
Metareasoning for multiagent epistemic logics
In CLIMA V, 2004
Cited by 9 (7 self)
Abstract
We present an encoding of a sequent calculus for a multiagent epistemic logic in Athena, an interactive theorem proving system for many-sorted first-order logic. We then use Athena as a metalanguage in order to reason about the multiagent logic as an object language. This facilitates theorem proving in the multiagent logic in several ways. First, it lets us marshal the highly efficient theorem provers for classical first-order logic that are integrated with Athena for the purpose of doing proofs in the multiagent logic. Second, unlike model-theoretic embeddings of modal logics into classical first-order logic, our proofs are directly convertible into native epistemic logic proofs. Third, because we are able to quantify over propositions and agents, we get much of the generality and power of higher-order logic even though we are in a first-order setting. Finally, we are able to use Athena's versatile tactics for proof automation in the multiagent logic. We illustrate by developing a tactic for solving the generalized version of the wise men problem.
Toward Ethical Robots via Mechanized Deontic Logic
AAAI Fall Symposium on Machine Ethics, AAAI, 2005
Cited by 7 (1 self)
Abstract
We suggest that mechanized multiagent deontic logics might be appropriate vehicles for engineering trustworthy robots. Mechanically checked proofs in such logics can serve to establish the permissibility (or obligatoriness) of agent actions, and such proofs, when translated into English, can also explain the rationale behind those actions. We use the logical framework Athena to encode a natural deduction system for a deontic logic recently proposed by Horty for reasoning about what agents ought to do. We present the syntax and semantics of the logic, discuss its encoding in Athena, and illustrate with an example of a mechanized proof.
Reporting on some logic-based machine reading research
In Proceedings of the 2007 AAAI Spring Symposium: Machine Reading (SS-07-06), Menlo Park, CA, 2007
Cited by 4 (3 self)
Abstract
Much sponsored research in our lab either falls under or intersects with machine reading. In this short paper we give an encapsulated presentation of some of the research in question, leaving aside, for the most part, the
Simplifying proofs in Fitch-style natural deduction systems
2004
Cited by 3 (2 self)
Abstract
We present an algorithm for simplifying Fitch-style natural deduction proofs in classical first-order logic. We formalize Fitch-style natural deduction as a denotational proof language, NDL, with a rigorous syntax and semantics. Based on that formalization, we define an array of simplifying transformations and show them to be terminating and to respect the formal semantics of the language. We also show that the transformations never increase the size or complexity of a deduction—in the worst case, they produce deductions of the same size and complexity as the original. We present several examples of proofs containing various types of superfluous "detours," and explain how our procedure eliminates them, resulting in smaller and cleaner deductions. All of the transformations are fully implemented in SML/NJ, and the complete code listing is available.